Microsoft AZ-700 - Designing and Implementing Microsoft Azure Networking Solutions
You have an on-premises DNS server named Server1 that hosts a primary DNS zone named fabrikam.com.
You have an Azure subscription that contains the resources shown in the following table.
Users on the on-premises network access resources on all the virtual networks by using a Site-to-Site (S2S) VPN. You need to deploy an Azure DNS Private Resolver solution that meets the following requirements:
• Resources connected to the virtual networks must be able to resolve DNS names for fabrikam.com.
• Server1 must be able to resolve the DNS names of the resources in contoso.com.
• The solution must minimize costs and administrative effort.
What is the minimum number of resolvers you should deploy?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.
You need to ensure that the URL is accessible through the application gateway.
Solution: You disable the WAF rule that has a ruleld of 920300.
Does this meet the goal?
You need to use Traffic Analytics to monitor the usage of applications deployed to Azure virtual machines.
Which Azure Network Watcher feature should you implement first?
You have an Azure subscription that contains 1.000 virtual machines.
You collect network security group (NSG) flow logs.
You need to identify all the virtual machines that have interacted with non-Azure public IP addresses during the last 30 days
How should you complete the query? To answer, select the appropriate options in the answer area
NOTE; Each correct selection is worth one point.
You have an on-premises network.
You have an Azure subscription that contains the resources shown in the following table.
You need to implement an ExpressRoute circuit to access the resources in the subscription. The solution must ensure that the on-premises network connects to the Azure resources by using the ExpressRoute circuit.
Which type of peering should you use for each connection? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your company has 10 instances of a web service. Each instance is hosted in a different Azure region and is accessible through a public endpoint.
The development department at the company is creating an application named App1. Every 10 minutes. App1 will use a list of end points and connect to the first available endpoint.
You plan to use Azure Traffic Manager to maintain the list of endpoints.
You need to configure a Traffic Manager profile that will minimize the impact of DNS caching.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your company has offices in London, Tokyo, and New York.
The company has a web app named App1 that has the Azure Traffic Manager profile shown in the following table.
In Asia, you plan to deploy an additional endpoint that will host an updated version of App1. You need to route 10 percent of the traffic from the Tokyo office to the new endpoint during testi What should you configure in Traffic Manager?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct soluti on, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.
You have an Azure subscription that contains an Azure F ront Door Premium profile named AFD1 and an Azure Web Application Firewall (WAF) policy named WAF1. AFD1 is associated with WAFT.
You need to configure a rate limit for incoming requests to AFD1.
Solution: You configure a custom rule for WAF1.
Does this me et the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not ap pear in the review screen.
You have on Azure subscription that contains on Azure Virtual WAN named VWAN1.VWAN1 contains a hub named Hub1.
Hub! has a security status of Unsecured.
You need to ensure that the security status of Hub1 is marked as Secured.
Sol ution: You implement Azure Firewall.
Does this meet the requirement?
You have an Azure subscription that contains the resources is shown in the following table.
You need to ensure that the apps hosted on VM1 can resolve the IP address of the What should you create first?
